Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UweHrwGREDOIGTfVwMb8c2vKWIU.roa
File:                     UweHrwGREDOIGTfVwMb8c2vKWIU.roa (raw, json)
Hash identifier:          2+upBkNJNZ8kdsZNGp+ab2EMbIjTE+lDxbgUVlfzF60=
Subject key identifier:   53:07:87:AF:01:91:10:33:88:19:37:D5:C0:C6:FC:73:6B:CA:58:85
Certificate issuer:       /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial:       018865401B5F66381F682EE5DF2BFBFD3DE8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UweHrwGREDOIGTfVwMb8c2vKWIU.roa
Signing time:             Mon 29 May 2023 02:04:40 +0000
ROA not before:           Mon 29 May 2023 02:04:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
                          2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
                          2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
                          2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
                          2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
                          2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
                          2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
                          2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
                          2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
                          2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
                          2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
                          2001:67c:64::/48 maxlen: 48
                          2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
                          2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
                          2001:67c:64:ffff:0:188:653f:fd71/128 maxlen: 128
                          2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:65:40:1b:5f:66:38:1f:68:2e:e5:df:2b:fb:fd:3d:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
        Validity
            Not Before: May 29 02:04:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=530787af01911033881937d5c0c6fc736bca5885
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:7c:4f:c8:fb:2b:b5:50:d0:7c:b5:7e:e1:3d:
                    9e:4d:e6:c1:44:f9:79:20:8d:b3:a6:98:38:ef:1d:
                    1b:86:f8:35:c3:2c:5c:5e:e6:cf:98:ab:6c:67:ef:
                    2d:8a:f8:4f:24:86:a4:54:38:1a:27:9d:27:38:a1:
                    7f:ed:9d:99:7c:9b:af:39:3d:ce:34:e3:53:14:68:
                    5a:17:a0:95:20:ca:4c:18:75:13:4d:bd:13:2f:f3:
                    cf:f3:dd:22:f8:e8:4d:71:18:ae:61:ef:ed:3c:e7:
                    32:5c:71:64:e7:e4:be:cb:ec:56:b3:0c:24:62:8f:
                    0b:32:e1:6b:dc:6f:19:48:7b:10:5b:25:4d:f9:d3:
                    9d:65:bd:af:ca:b2:34:e9:f3:97:b0:df:10:7e:04:
                    da:d8:67:c5:ff:56:e2:b4:f9:ed:99:62:30:0e:7e:
                    cb:49:23:0c:6d:9f:81:fd:c0:3a:60:f7:ef:30:7d:
                    40:12:0c:67:8b:32:d8:7d:9d:fa:6b:9a:b4:4c:0e:
                    f7:36:1f:16:57:67:b5:0a:5f:97:2a:9e:b9:85:0f:
                    ba:cd:48:0e:26:58:f4:6d:de:34:f2:cb:b2:5f:af:
                    8a:16:c5:23:65:e5:1c:24:45:27:44:40:3b:8f:51:
                    9c:d7:bf:7e:2d:fb:b5:56:16:88:f6:84:44:b0:38:
                    5b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:07:87:AF:01:91:10:33:88:19:37:D5:C0:C6:FC:73:6B:CA:58:85
            X509v3 Authority Key Identifier:
                keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/UweHrwGREDOIGTfVwMb8c2vKWIU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         2a:de:3d:e9:0f:6b:16:0e:9b:b3:4c:2b:b2:86:07:cd:2c:5c:
         4a:95:d7:16:74:6f:b4:6e:7e:0a:18:5d:5c:e0:b4:91:3c:1b:
         d3:a1:ac:40:1e:00:16:56:8c:36:9d:f7:62:16:a6:fb:8d:63:
         5c:11:98:83:e6:34:d4:4d:e3:1e:3e:7e:4b:cb:7b:bb:97:a0:
         4d:59:bb:ee:9d:fc:07:7c:fc:cc:9b:07:7a:b5:2e:f8:c6:e5:
         31:3c:03:d5:ad:c6:ac:de:60:cb:8b:90:d2:4c:2d:83:0c:ba:
         f5:42:bb:85:57:8f:ae:5c:00:86:25:f6:11:79:ab:ed:32:cd:
         f4:ce:a7:f7:71:57:ac:8f:11:60:9c:34:ae:0d:fc:58:70:ca:
         3e:e3:1c:f5:e2:11:7d:92:58:61:c9:64:aa:b2:2b:00:e3:79:
         9d:6e:be:90:be:70:ab:a8:ca:23:7b:8f:e9:42:7a:1d:05:5c:
         86:ed:38:8d:a1:7e:6e:1a:39:fc:0a:39:eb:e9:40:6f:c1:8e:
         10:96:ca:15:0c:95:0a:2b:30:26:c0:9c:9e:02:90:ac:8f:84:
         32:68:e8:6c:11:be:97:08:09:80:09:53:3c:08:2f:e5:f4:e7:
         dc:b6:33:bd:cb:13:59:65:ad:97:b1:ea:c3:71:7a:97:3d:63:
         f8:ba:7d:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhlQBtfZjgfaC7l3yv7/T3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTI5MDIwNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzA3ODdhZjAxOTExMDMzODgxOTM3ZDVjMGM2ZmM3MzZiY2E1ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHxPyPsrtVDQfLV+4T2eTebBRPl5
II2zppg47x0bhvg1wyxcXubPmKtsZ+8tivhPJIakVDgaJ50nOKF/7Z2ZfJuvOT3O
NONTFGhaF6CVIMpMGHUTTb0TL/PP890i+OhNcRiuYe/tPOcyXHFk5+S+y+xWswwk
Yo8LMuFr3G8ZSHsQWyVN+dOdZb2vyrI06fOXsN8QfgTa2GfF/1bitPntmWIwDn7L
SSMMbZ+B/cA6YPfvMH1AEgxnizLYfZ36a5q0TA73Nh8WV2e1Cl+XKp65hQ+6zUgO
Jlj0bd408suyX6+KFsUjZeUcJEUnREA7j1Gc179+Lfu1VhaI9oREsDhbqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFMHh68BkRAziBk31cDG/HNryliFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVXdlSHJ3R1JFRE9JR1RmVndNYjhjMnZLV0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACrePekPaxYOm7NMK7KG
B80sXEqV1xZ0b7RufgoYXVzgtJE8G9OhrEAeABZWjDad92IWpvuNY1wRmIPmNNRN
4x4+fkvLe7uXoE1Zu+6d/Ad8/MybB3q1LvjG5TE8A9WtxqzeYMuLkNJMLYMMuvVC
u4VXj65cAIYl9hF5q+0yzfTOp/dxV6yPEWCcNK4N/Fhwyj7jHPXiEX2SWGHJZKqy
KwDjeZ1uvpC+cKuoyiN7j+lCeh0FXIbtOI2hfm4aOfwKOevpQG/BjhCWyhUMlQor
MCbAnJ4CkKyPhDJo6GwRvpcICYAJUzwIL+X059y2M73LE1llrZex6sNxepc9Y/i6
fUw=
-----END CERTIFICATE-----